Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/mifawCCWPpNVJl3BHMrtHdzs19M.roa
File: mifawCCWPpNVJl3BHMrtHdzs19M.roa (raw, json)
Hash identifier: fgya17S4VfM06Hak+7sPCHK6vpUtKgGp18JL6/YN2ak=
Subject key identifier: 9A:27:DA:C0:20:96:3E:93:55:26:5D:C1:1C:CA:ED:1D:DC:EC:D7:D3
Certificate issuer: /CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Certificate serial: 01856E2F9EA8E75B7CA906802EFA70E5E909
Authority key identifier: DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/mifawCCWPpNVJl3BHMrtHdzs19M.roa
Signing time: Sun 01 Jan 2023 16:34:52 +0000
ROA not before: Sun 01 Jan 2023 16:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 939
IP address blocks: 89.105.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:9e:a8:e7:5b:7c:a9:06:80:2e:fa:70:e5:e9:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Validity
Not Before: Jan 1 16:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a27dac020963e9355265dc11ccaed1ddcecd7d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:82:ca:cd:4f:0e:9b:e1:20:8b:aa:c1:6a:
8d:7a:ad:79:ac:67:e1:59:1d:ca:d6:5f:fb:67:4e:
01:5a:bd:53:55:af:eb:5e:28:c7:c0:d2:04:63:06:
13:0e:f5:ff:3c:8f:3e:b4:3c:4b:6b:19:bc:84:bf:
a2:17:87:7f:1b:9c:0f:1d:89:4d:68:14:03:84:50:
e5:ca:07:5c:31:fb:86:19:d0:10:83:52:15:ab:14:
9e:e8:7f:5f:06:6d:58:30:7a:5e:07:75:ba:4b:b0:
22:f9:df:bc:5a:f0:ab:e8:b4:81:45:fc:16:1d:bf:
63:30:7d:b6:d0:c5:19:ad:f5:05:25:97:a1:1d:77:
f9:a7:af:e4:88:42:86:64:d8:2d:4a:ac:e2:1d:8d:
b8:c8:7e:af:6f:bf:d0:14:5f:3f:8d:03:a4:17:61:
d0:fc:96:ab:49:06:76:b9:64:06:eb:25:2b:47:71:
c5:6c:3f:9b:a6:76:83:15:fa:50:4d:37:12:ec:34:
12:b0:4c:a4:43:24:e8:23:c6:b0:51:68:46:7c:77:
f5:93:a8:a2:ee:61:ff:1a:28:f2:ef:54:97:55:63:
7a:4f:2c:29:97:e7:a9:f6:cc:70:f2:c4:25:99:cb:
76:d9:9f:95:d3:c7:41:ea:1a:37:cf:da:f8:32:7a:
6b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:27:DA:C0:20:96:3E:93:55:26:5D:C1:1C:CA:ED:1D:DC:EC:D7:D3
X509v3 Authority Key Identifier:
keyid:DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/mifawCCWPpNVJl3BHMrtHdzs19M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.105.196.0/24
Signature Algorithm: sha256WithRSAEncryption
44:6c:1a:e5:4f:85:e6:f5:19:01:31:87:6f:75:f9:d3:70:11:
27:6b:1b:c8:4c:bd:21:11:8b:63:11:36:f3:28:b4:08:b8:50:
83:90:e2:66:dc:39:b6:a2:8e:52:bd:59:9f:6d:d1:9e:74:08:
81:64:f7:b1:52:5e:8b:81:02:b7:cb:89:c0:73:c0:ab:c4:f6:
a3:1e:65:a1:a6:cc:1c:7b:e7:1e:71:e0:ca:78:76:61:63:ce:
48:05:56:5f:2d:d3:1b:fc:91:ea:02:2e:07:3b:d6:7a:7b:a6:
92:b0:1a:42:3b:b7:15:b2:5f:12:57:5a:2b:59:40:15:3f:5b:
85:5e:b6:ce:39:77:ae:98:db:c4:40:26:28:3d:1b:86:cc:78:
de:4b:5f:ae:45:6b:9d:2f:94:93:2a:f0:ad:0c:70:f5:69:53:
a1:e4:12:dc:b1:1d:7e:e7:bb:a6:a4:72:44:5b:ca:08:04:1d:
a4:bb:3c:d0:89:b7:4c:00:d0:4c:fa:71:0f:fc:28:8a:d8:94:
1c:ce:32:9c:8e:54:22:8b:0c:7e:71:75:86:25:c3:39:94:47:
90:ce:da:58:f0:2c:d0:57:47:41:9f:d1:c1:28:c9:c8:3e:e6:
01:c4:11:85:12:04:4c:37:f6:f4:e1:d8:e4:a2:33:c3:54:e6:
eb:3c:b6:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL56o51t8qQaALvpw5ekJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTBlMGFlZTFlY2MzMTA2NmNiNzQ0ZjhhN2ZlZWRlZmIz
Zjc5MzAwHhcNMjMwMTAxMTYzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTI3ZGFjMDIwOTYzZTkzNTUyNjVkYzExY2NhZWQxZGRjZWNkN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEqCys1PDpvhIIuqwWqNeq15rGfh
WR3K1l/7Z04BWr1TVa/rXijHwNIEYwYTDvX/PI8+tDxLaxm8hL+iF4d/G5wPHYlN
aBQDhFDlygdcMfuGGdAQg1IVqxSe6H9fBm1YMHpeB3W6S7Ai+d+8WvCr6LSBRfwW
Hb9jMH220MUZrfUFJZehHXf5p6/kiEKGZNgtSqziHY24yH6vb7/QFF8/jQOkF2HQ
/JarSQZ2uWQG6yUrR3HFbD+bpnaDFfpQTTcS7DQSsEykQyToI8awUWhGfHf1k6ii
7mH/Gijy71SXVWN6Tywpl+ep9sxw8sQlmct22Z+V08dB6ho3z9r4MnprZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJon2sAglj6TVSZdwRzK7R3c7NfTMB8GA1UdIwQY
MBaAFNyQ4K7h7MMQZst0T4p/7t77P3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYt
MDBiY2Q5YjkxYzFiLzEvbWlmYXdDQ1dQcE5WSmwzQkhNcnRIZHpzMTlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYtMDBiY2Q5YjkxYzFi
LzEvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWnEMA0G
CSqGSIb3DQEBCwUAA4IBAQBEbBrlT4Xm9RkBMYdvdfnTcBEnaxvITL0hEYtjETbz
KLQIuFCDkOJm3Dm2oo5SvVmfbdGedAiBZPexUl6LgQK3y4nAc8CrxPajHmWhpswc
e+ceceDKeHZhY85IBVZfLdMb/JHqAi4HO9Z6e6aSsBpCO7cVsl8SV1orWUAVP1uF
XrbOOXeumNvEQCYoPRuGzHjeS1+uRWudL5STKvCtDHD1aVOh5BLcsR1+57umpHJE
W8oIBB2kuzzQibdMANBM+nEP/CiK2JQczjKcjlQiiwx+cXWGJcM5lEeQztpY8CzQ
V0dBn9HBKMnIPuYBxBGFEgRMN/b04djkojPDVObrPLbX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-ams.rpki-client.org